Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -1 articles for you...
89
security advisoryfedoradata corruptionFedora 42: luksmeta Update CVE-2025-11568 Severity Informational
New upstream release v10 Fix: CVE-2025-11568. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-457000540a 2025-11-16 00:54:19.352364+00:00 -------------------------------------------------------------------------------- Name : luksmeta Product : Fedora 42 Version : 10 Release : 1.fc42 URL : https://github.com/latchset/luksmeta Summary : Utility for storing small metadata in the LUKSv1 header Description : LUKSMeta is a command line utility for storing small portions of metadata in the LUKSv1 header for use before unlocking the volume. -------------------------------------------------------------------------------- Update Information: New upstream release v10 Fix: CVE-2025-11568 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2025 Sergio Correia - 10-1 - New upstream release v10 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2404247 - CVE-2025-11568 luksmeta: Data corruption when handling LUKS1 partitions with luksmeta [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2404247 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-457000540a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Nov 16, 2025
•Informational
Fedora
89
security advisorycriticalFedoraFedora 34: FEDORA-2021-303f6623fa Critical: Tracker3 Metadata Issue
GNOME 40.rc. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-303f6623fa 2021-03-20 00:16:30.596999 --------------------------------------------------------------------------------Name : tracker3 Product : Fedora 34 Version : 3.1.0~rc Release : 1.fc34 URL : Summary : Desktop-neutral metadata database and search tool Description : Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. It consists of a common object database that allows entities to have an almost infinite number of properties, metadata (both embedded/harvested as well as user definable), a comprehensive database of keywords/tags and links to other entities. It provides additional features for file based objects including context linking and audit trails for a file object. Metadata indexers are provided by the tracker-miners3 package. --------------------------------------------------------------------------------Update Information: GNOME 40.rc --------------------------------------------------------------------------------ChangeLog: * Mon Mar 15 2021 Kalev Lember - 3.1.0~rc-1 - Update to 3.1.0.rc --------------------------------------------------------------------------------References: [ 1 ] Bug #1925640 - CVE-2020-36241 gnome-autoar: directory traversal via a malicious archive that contains a file whose parent is a symbolic link which points outside of the destination directory https://bugzilla.redhat.com/show_bug.cgi?id=1925640 [ 2 ] Bug #1940026 - CVE-2021-28650 gnome-autoar: directory traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations https://bugzilla.redhat.com/show_bug.cgi?id=1940026 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade--advisory FEDORA-2021-303f6623fa' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Mar 19, 2021
•Critical
Fedora
200
security advisorysecurity updatebuffer overflowScientific Linux SL7 SLSA-2020-5437-1 Critical Kernel Fixes
kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385) * kernel: The flow_dissector feature allows device tracking (CVE-2019-18282) * kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned. (CVE-2020-10769) * kernel: buffer uses out of index in ext3/4 f [More...]. Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2020:5437-1 Issue Date: 2020-12-15 CVE Numbers: None -- Security Fix(es): * kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385) * kernel: The flow_dissector feature allows device tracking (CVE-2019-18282) * kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned. (CVE-2020-10769) * kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314) * kernel: umask not applied on filesystem without ACL support (CVE-2020-24394) * kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212) * kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow (CVE-2020-25643) -- SL7 x86_64 bpftool-3.10.0-1160.11.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm kernel-3.10.0-1160.11.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.11.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.11.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.11.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.11.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.11.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.11.1.el7.x86_64.rpm perf-3.10.0-1160.11.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm python-perf-3.10.0-1160.11.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.11.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.11.1.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-1160.11.1.el7.noarch.rpm kernel-doc-3.10.0-1160.11.1.el7.noarch.rpm - Scientific Linux Development Team . Crucial kernel security patch for Scientific Linux SL7.x tackling several vulnerabilities with major implications for system integrity.. kernel Security,Bug Fixes,Scientific Linux,System Impact,Device Tracking. . Severity: Critical. LinuxSecurity.com Team
Dec 15, 2020
•Critical
Scientific Linux
89
security advisoryFedoracritical patchFedora 32: FEDORA-2020-708b23f2ce Critical Update For Kernel 5.8.6
The 5.8.6 stable kernel update contains a number of important fixes across the tree.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-708b23f2ce 2020-09-07 17:12:41.698917 --------------------------------------------------------------------------------Name : kernel Product : Fedora 32 Version : 5.8.6 Release : 201.fc32 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package --------------------------------------------------------------------------------Update Information: The 5.8.6 stable kernel update contains a number of important fixes across the tree. --------------------------------------------------------------------------------ChangeLog: * Thu Sep 3 2020 Justin M. Forbes - 5.8.6-201 - Linux v5.8.6 - Fix CVE-2020-14385 (rhbz 1874800 1874811) - Move CONFIG_USB_XHCI_PCI_RENESAS to inline (rhbz 1874300) * Thu Aug 27 2020 Justin M. Forbes - 5.8.5-200 - Linux v5.8.5 --------------------------------------------------------------------------------References: [ 1 ] Bug #1874800 - CVE-2020-14385 kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt https://bugzilla.redhat.com/show_bug.cgi?id=1874800 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-708b23f2ce' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list--
Sep 07, 2020
•Critical
Fedora
89
security advisoryupdateFedoraFedora 26: FEDORA-2017-2afe501b36 Moderate: Heimdal Authentication Fix
Update to 7.4.0 GA release (CVE-2017-11103). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-2afe501b36 2017-07-23 00:28:58.616752 --------------------------------------------------------------------------------Name : heimdal Product : Fedora 26 Version : 7.4.0 Release : 1.fc26 URL : https://github.com/heimdal/ Summary : A Kerberos 5 implementation without export restrictions Description : Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec (rfc1510 and successors) including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center server and support for ticket delegation (S4U2Self, S4U2Proxy). This package can coexist with MIT Kerberos 5 packages. Hesiod is disabled by default since it is deemed too big a security risk by the packager. --------------------------------------------------------------------------------Update Information: Update to 7.4.0 GA release (CVE-2017-11103) --------------------------------------------------------------------------------References: [ 1 ] Bug #1469998 - CVE-2017-11103 heimdal: krb5: Metadata taken from the unauthenticated plaintext [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1469998 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade heimdal' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jul 23, 2017
•Important
Fedora
172
security advisorymoderateupdate instructionsUbuntu 15.04 Swift: USN-2704-1 Moderate: Metadata Issue and Deletion Threat
Several security issues were fixed in Swift.. =========================================================================Ubuntu Security Notice USN-2704-1 August 06, 2015 swift vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 15.04 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in Swift. Software Description: - swift: OpenStack distributed virtual object store Details: Rajaneesh Singh discovered Swift does not properly enforce metadata limits. An attacker could abuse this issue to store more metadata than allowed by policy. (CVE-2014-7960) Clay Gerrard discovered Swift allowed users to delete the latest version of object regardless of object permissions when allow_version is configured. An attacker could use this issue to delete objects. (CVE-2015-1856) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 15.04: swift 2.2.2-0ubuntu1.3 Ubuntu 14.04 LTS: swift 1.13.1-0ubuntu1.2 Ubuntu 12.04 LTS: swift 1.4.8-0ubuntu2.5 After a standard system update you need to restart swift to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2704-1 CVE-2014-7960, CVE-2015-1856 Package Information: https://launchpad.net/ubuntu/+source/swift/2.2.2-0ubuntu1.3 https://launchpad.net/ubuntu/+source/swift/1.13.1-0ubuntu1.2 https://launchpad.net/ubuntu/+source/swift/1.4.8-0ubuntu2.5 . Multiple vulnerabilities addressed in Swift applications affect Ubuntu versions 12.04, 14.04, and 15.04, necessitating urgent patches.. Ubuntu Swift Security, Object Store Vulnerabilities, Update Instructions. . LinuxSecurity.com Team
Aug 06, 2015
Ubuntu
98
security advisorymoderatered hat enterprise linuxRed Hat Enterprise Linux 6 RHSA-2015:0836-01 Moderate Swift Metadata Issue
Updated openstack-swift packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openstack-swift security update Advisory ID: RHSA-2015:0836-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2015:0836.html Issue date: 2015-04-16 CVE Names: CVE-2014-7960 ==================================================================== 1. Summary: Updated openstack-swift packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 6 - noarch 3. Description: OpenStack Object Storage (swift) provides object storage in virtual containers, which allows users to store and retrieve files (arbitrary data). The service's distributed architecture supports horizontal scaling; redundancy as failure-proofing is provided through software-based data replication. Because Object Storage supports asynchronous eventual consistency replication, it is well suited to multiple data-center deployment. A flaw was found in the metadata constraints in OpenStack Object Storage (swift). By adding metadata in several separate calls, a malicious user could bypass the max_meta_count constraint, and store more metadata than allowed by the configuration. (CVE-2014-7960) All users of openstack-swift are advised to upgrade to these updated packages, which correct this issue. After installing this update, the OpenStack ObjectStorage services will be restarted automatically. 4. Solution: Before applying this update, ensure all previously released errata relevant to your system have been applied. Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 6 runs on Red Hat Enterprise Linux 6.6. The Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 6 Release Notes contain the following: * An explanation of the way in which the provided components interact to form a working cloud computing environment. * Technology Previews, Recommended Practices, and Known Issues. * The channels required for Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 6, including which channels need to be enabled and disabled. The Release Notes are linked to in the References section. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1150461 - CVE-2014-7960 openstack-swift: Swift metadata constraints are not correctly enforced 6. Package List: Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 6: Source: openstack-swift-1.13.1-4.el6ost.src.rpm noarch: openstack-swift-1.13.1-4.el6ost.noarch.rpm openstack-swift-account-1.13.1-4.el6ost.noarch.rpm openstack-swift-container-1.13.1-4.el6ost.noarch.rpm openstack-swift-doc-1.13.1-4.el6ost.noarch.rpm openstack-swift-object-1.13.1-4.el6ost.noarch.rpm openstack-swift-proxy-1.13.1-4.el6ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2014-7960 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2015 Red Hat, Inc. . Recent updates to openstack-swift address a major security vulnerability for users of Red Hat Enterprise Linux OpenStack. Discover additional details!.Openstack Swift, Red Hat Update, Object Storage Security. . LinuxSecurity.com Team
Apr 16, 2015
Red Hat
98
security advisoryupdatemoderate severityRed Hat: RHSA-2014:0091-01 Moderate: Neutron Metadata Disclosure
Updated openstack-neutron packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openstack-neutron security, bug fix, and enhancement update Advisory ID: RHSA-2014:0091-01 Product: Red Hat OpenStack Advisory URL: https://access.redhat.com/errata/RHSA-2014:0091.html Issue date: 2014-01-22 CVE Names: CVE-2013-6419 ==================================================================== 1. Summary: Updated openstack-neutron packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: OpenStack 4 - noarch 3. Description: The openstack-neutron packages provide Openstack Networking (neutron), the virtual network service. It was discovered that the metadata agent in OpenStack Networking was missing an authorization check on the device ID that is bound to a specific port. A remote tenant could guess the instance ID bound to a port and retrieve metadata of another tenant, resulting in information disclosure. Note that only OpenStack Networking setups running neutron-metadata-agent were affected. (CVE-2013-6419) Red Hat would like to thank Jeremy Stanley of the OpenStack Project for reporting this issue. Upstream acknowledges Aaron Rosen of VMware as the original reporter. The openstack-neutron packages have been upgraded to upstream version 2013.2.1, which provides a number of bug fixes and enhancements over the previous version. The most notable fixes andenhancements are: * Support for multiple workers in the Neutron API. This can be achieved by setting the 'workers=' parameter in the neutron.conf file. * The downtime and report interval default settings are tuned for neutron agents. * The floating IP address stability has been enhanced. * A heartbeat-related deadlock problem in neutron-server has been fixed. (BZ#1045419) This update also fixes the following bugs: * An incorrect warning was displayed when running neutron-dhcp-agent with Red Hat Enterprise Linux's version of dnsmasq. This meant that users were incorrectly warned that Red Hat Enterprise Linux's dnsmasq version will not work with neutron-dhcp-agent. This warning has been removed, and will no longer be logged to the neutron-dhcp-agent log file. (BZ#1040196) * A bug in the QPID topic consumer re-connection logic (under the v2 topology) caused qpidd to use a malformed subscriber address after restarting, resulting in RPC requests sent to a topic with multiple serversending up being incorrectly multicast to all servers. This update removes the special-case reconnect logic that handles UUID addresses, which in turn avoids the incorrect establishment of multiple subscription to the same fanout address. The QPID broker now simply automatically generates unique queue names when clients reconnect. (BZ#1045067) * Thread-consuming QPID messages were killed silently by unhandled errors, thus resulting in isolating the component from the rest of the system. With this update, consuming threads are made more resilient to errors by ensuring they do not die on an unhandled error. The error is now logged, and the consuming thread is retried. (BZ#1054249) In addition, this update adds the following enhancement: * Previously, instances connected to tenant networks gained outside connectivity by going through an SNAT by the L3 agent hosting that network's virtual router. With this release, the ability to disable SNAT/PAT on virtual servers is added ensuring that an instance in a tenant network subnetwill retain its IP address as it passes through external networks. For example, if 10.0.0.1 is an instance in the 10.0.0.0/8 tenant network, R1, a virtual router that connects the 10.0.0.0/8 subnet to the 20.0.0.0/8 public provider networks, then you can use the 'neutron router-gateway-set --disable-snat R1 public' command and any traffic from 10.0.0.1, which is forwarded out to the provider network, will retain its actual source IP address of 10.0.0.1. This can be a flexible and useful method to connect instances directly to a provider network, while retaining it in a tenant network. (BZ#1046070) All openstack-neutron users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1038737 - neutron is creating duplicated NAT rules, resulting in instances without network connection 1039148 - CVE-2013-6419 OpenStack Neutron and Nova: Metadata queries from Neutron to Nova are not restricted by tenant 1039528 - Neutron rootwrap does not follow packaging guidelines 1040196 - Remove dnsmasq version warning for dhcp-agent on RHEL 1045067 - [oslo] With QPID, RPC calls to a topic are always fanned-out to all subscribers. 1046070 - Configurable External Gateway Modes 1046087 - The error message that indicates manual DB stamping is needed is not clear enough 1054249 - Thread consuming qpid messages can die silently 6. Package List: OpenStack4: Source: noarch: openstack-neutron-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-bigswitch-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-brocade-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-cisco-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-hyperv-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-linuxbridge-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-mellanox-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-metaplugin-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-metering-agent-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-midonet-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-ml2-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-nec-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-nicira-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-openvswitch-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-plumgrid-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-ryu-2013.2.1-4.el6ost.noarch.rpm openstack-neutron-vpn-agent-2013.2.1-4.el6ost.noarch.rpm python-neutron-2013.2.1-4.el6ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2013-6419 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2014 Red Hat, Inc. . Revised openstack-neutron versions tackle key security vulnerabilities and deliver notable improvements for end-users.. Red Hat OpenStack, Neutron Update, Security Fixes, Networking Enhancements. . LinuxSecurity.com Team
Jan 22, 2014
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!